Software vulnerabilities are weaknesses that can either cause an accidental system failure or be intentionally exploited. To prevent this from happening, there are security measures such as Container Scanning that can help to identify vulnerabilities.

In this blog, we will provide instructions on how to set up vulnerability scanners for:

Google Container Scanning (Google Cloud Provider, Google Container Registry) provides automated and manual vulnerability scanning to fetch vulnerabilities from containers.

💎 Pro Tip: If you’re already doing container vulnerability scanning in GCP, you don’t need to take any action

If not, Secfix recommends you start container scanning, but do decide whether you want to do so yourself. You can learn more about container scanning here. When you’re ready, follow the instructions below to enable each GCP project:

🕒 Once enabled, you can expect the vulnerabilities to be listed within an hour.

Microsoft Defender for Container Registries fetches vulnerabilities from containers. Azure Defender for Container Registries is a feature that automatically scans containers uploaded to Azure Container Registry for vulnerabilities.

💎 Pro Tip: If you already use Azure Defender for Container Registries, you don’t need to take any action

However, if you’d like to start using container scanning, follow these instructions:

🕒 Once enabled, you can expect the vulnerabilities to be listed within an hour.

Amazon Inspector fetches vulnerabilities from your servers and provides a report.

To activate Amazon Inspector in your AWS account, opt for one of the two choices:

🕒 Once enabled, you can expect the vulnerabilities to be listed within an hour.

Elastic Container Registry Scanning is fetching vulnerabilities from your containers.
To activate it, opt for one of the two choices:

🕒 Once enabled, you can expect the vulnerabilities to be listed within an hour.

You can also use tools like Snyk to scan your entire infrastructure.

​